<?php

/**
 * Smarty plugin
 * @package Smarty
 * @subpackage plugins
 */
/**
 * determines if a resource is secure or not.
 *
 * @param string $resource_type
 * @param string $resource_name
 * @return boolean
 */
//  $resource_type, $resource_name
function smarty_core_is_secure($params, &$smarty) {
	if(! $smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
		return true;
	}
	if($params['resource_type'] == 'file') {
		$_rp = realpath($params['resource_name']);
		if(isset($params['resource_base_path'])) {
			foreach((array) $params['resource_base_path'] as $curr_dir) {
				if(($_cd = realpath($curr_dir)) !== false && strncmp($_rp, $_cd, strlen($_cd)) == 0 && substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {
					return true;
				}
			}
		}
		if(! empty($smarty->secure_dir)) {
			foreach((array) $smarty->secure_dir as $curr_dir) {
				if(($_cd = realpath($curr_dir)) !== false) {
					if($_cd == $_rp) {
						return true;
					} elseif(strncmp($_rp, $_cd, strlen($_cd)) == 0 && substr($_rp, strlen($_cd), 1) == DIRECTORY_SEPARATOR) {
						return true;
					}
				}
			}
		}
	} else {
		// resource is not on local file system
		return call_user_func_array($smarty->_plugins['resource'][$params['resource_type']][0][2], array($params['resource_name'] , &$smarty));
	}
	return false;
}
/* vim: set expandtab: */
?>
